Today marks the fifth anniversary of the NHS WannaCry cyber-attack. A cyber security expert reacted below.
Author: ISBuzz Team
Cyble researchers detail their discovery of the ‘Eternity Project,’ a new malware-as-a-service offering that includes stealers, clippers, worms, miners, ransomware, and DDoS bots. The group is said to have a Telegram channel (with 500+ subscribers) promoting the malware, complete with detailed videos of the products. Excerpt: The features of the stealer malware mentioned on the TA’s website and Telegram channel are: Browsers collection (Passwords, CreditCards, Cookies, AutoFill, Tokens, History, Bookmarks): Browsers: Chrome, Firefox, Edge, Opera, Chromium, Vivaldi, IE, and +20 more. Email clients: Thunderbird, Outlook, FoxMail, PostBox, MailBird. Messengers: Telegram, Discord, WhatsApp, Signal, Pidgin, RamBox. Cold cryptocurrency wallets: Atomic, Binance, Coinomi, Electrum, Exodus, Guarda, Jaxx,…
A Joint Advisory released today by members of the Five Eyes intelligence alliance warned MSPs and their customers that they’re being targeted by supply chain attacks. Excerpts: This joint Cybersecurity Advisory (CSA) provides actions MSPs and their customers can take to reduce their risk of falling victim to a cyber intrusion. This advisory describes cybersecurity best practices for information and communications technology (ICT) services and functions, focusing on guidance that enables transparent discussions between MSPs and their customers on securing sensitive data. Among many recommendations, the advisory recommends the following preventive measures and provides links to resources. Improve security of…
VPNMentor is reporting that a database containing the personal details and login credentials of 21 million users was leaked in a Telegram group. The dump also exposed the data of VPN users including SuperVPN, GeckoVPN, and ChatVPN. The database contains 10GB worth of data and is available for free on several different Telegram groups (the records appear to be unique). Overall, the database contains: email addresses, usernames, full names, country names, randomly generated password strings, billing details, premium status and validity period.
It has been reported that a British man has been charged in New York with unauthorized computer intrusion, securities fraud, wire fraud and other crimes, causing more than $5m of losses. According to a 10-count complaint made public yesterday, Idris Dayo Mustapha, 32, a UK citizen, and others used phishing and other means to obtain user credentials from January 2011 to March 2018.
Following today’s announcement regarding the new data reform bill intended to allow the UK to deviate from EU privacy legislation, please see commentary below from Information Security Experts.
Researchers with Outpost24 are reporting over 31,000 corporate credentials for many of the UK’s leading FTSE 100 firms on the dark web. These are the 100 biggest companies listed on the London Stock Exchange by market capitalization. The researchers used their threat monitoring and auditing tool Blueliv to search dark web sites for the breached credentials. Key findings from stolen and leaked credentials study: The majority (81%) of the companies within the FTSE 100 had at least one credential compromised and exposed on the dark web. 31,135 total stolen and leaked credentials detected for FTSE 100 companies, with 38% disclosed on the underground in…
According to Reuters, a British man has been charged in New York for hacking into email servers and computers belonging to U.S. banks and brokerages in order to access investors’ accounts, causing more than $5 million of losses. Idris Dayo Mustapha, 32, and others are accused of using phishing and other means to obtain user names and passwords and access online bank and brokerage accounts from January 2011 to March 2018. Prosecutors said the Lagos, Nigeria native and his co-conspirators at first transferred victims’ money to their own accounts. They said once banks began blocking the transfers, the conspirators would…
At CyberUK2022, the NCSC published fresh guidelines on how organisations can prioritise staff welfare in their cyber incident response plans: https://www.ncsc.gov.uk/guidance/putting-staff-welfare-at-the-heart-of-incident-response In response to the announcement, Laurie Mercer, Security Engineer at HackerOne – the world’s most trusted provider of ethical hacking solutions – has provided his personal thoughts on why it’s so important for organisations to put staff welfare first when a cyber-attack strikes.
F5 recently patched a critical vulnerability in their BIG-IP iControl REST endpoint, CVE-2022-1388. This vulnerability is particularly worrisome for users because it is simple to exploit and provides an attacker with a method to execute arbitrary system commands. Attack engineers with Horizon3ai discovered the root cause of the vulnerability and have published an examination of its inner workings in “F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive,” authored by Horizon3ai.